Asean’s patchwork of data regulations needs a revamp
Regional mechanisms and trade agreements often appear deceptively promising for data flows
Add BT as a preferred source
SOUTH-EAST Asia’s data protection regulation landscape has witnessed significant activity in the past two years, including the enactment of new personal data protection laws in Vietnam and Indonesia, and the enforcement of the Asean Model Contractual Clauses (MCCs). For businesses, this means navigating an ever more complex and diverse regulatory terrain on personal data, constraining the region’s digital economy growth potential.
Existing regional efforts like the MCCs and trade agreements, however, are insufficient in harmonising national regulations, thereby failing to foster a business-friendly regional data landscape.
The significant disparities in personal data protection regulations across Asean countries create formidable barriers for businesses. Besides legal frameworks being at various stages of development, the content of data protection laws also differs significantly due to widely different national interests. At the most liberal end, the Philippines takes a very business-oriented approach with minimal cross-border data transfer restrictions, while Vietnam, on the other end of the spectrum, heavily emphasises national security and requires extensive data localisation.
TRENDING NOW
What’s wrong with Orchard Road? Experts weigh in on the street’s cachet and its future
CSE Global independent director quits after clashes with chairman Eugene Lai over board refresh
Onitsuka Tiger pivots from Asics stripes to tap luxury market
Singapore to advance AI agenda as Asean chair, focus on cross-border data flows, smaller firms
